Rosecurify

Seclog - #68

Backdooring AMIs for Fun and Profit - Ratnakar Singh explores the potential and pitfalls of backdooring Amazon Machine Images. Read More

WIFI Credential Dumping - Techniques to retrieve the Pre-Shared Key (PSK) from a compromised workstation. Read More

HTTP/2 CONTINUATION Flood - Technical details of the HTTP/2 CONTINUATION flood attack. Read More

The XZ Utils Backdoor (CVE-2024-3094) - Everything you need to know about the XZ Utils backdoor. Read More

DJI Mavic 3 Drone Firmware Analysis - A deep dive into the firmware of the DJI Mavic 3 drone. Read More

Exploiting Empire C2 Framework - Insights into vulnerabilities within the Empire Command and Control framework. Read More

The V8 Sandbox - A look into the sandboxing mechanism of the V8 JavaScript engine. Read More

Panning For Gold: Sifting Through Network Logs - Techniques for analyzing network logs for security insights. Read More

Azure Redirect URI Takeover Vulnerability - Exploring a vulnerability in Azure's redirect URI handling. Read More

Securing Flutter Applications - Best practices for enhancing the security of Flutter applications. Read More

10,000 Bugfixes in 10,000 Days - Reflecting on the milestone of fixing 10,000 bugs. Read More

10 > 64, in QR Codes - Exploring encoding efficiency in QR codes. Read More

Fault Injection and the Supply Chain - Analyzing the impact of fault injection attacks on supply chain security. Read More

Fine-tuning Semgrep for Ruby Security - Customizing Semgrep rules for Ruby security. Read More

Security Research Without Ever Leaving GitHub - Leveraging GitHub for end-to-end security research. Read More

The Dangers of AI Agents Unfurling Hyperlinks - Discussing the security risks of AI agents automatically unfurling hyperlinks. Read More

๐Ÿ’ป SecGit #

xzbot - Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094). Explore on GitHub

endlessh-go - A Golang implementation of endlessh exporting Prometheus metrics, visualized by a Grafana dashboard. Explore on GitHub

burp2caido - A tool to migrate Burpsuite HTTP history to Caido. Explore on GitHub

apkd - APK downloader from a few sources. Explore on GitHub

biotime-rce-8.5.5 - Exploit covering several vulnerabilities in BioTime leading to Remote Code Execution or directory traversal. Explore on GitHub

Suggestions & Feedback

Enjoyed this post? Subscribe to Seclog for more in-depth security analysis and updates.

For any suggestions or feedback, please contact us at: [email protected]

Subscribe to Seclog

Enjoyed this post? Subscribe for more in-depth security analysis and updates direct to your inbox.

No spam. Only high-security insights. Unsubscribe at any time.

Share this Seclog:

← Back to Seclog